We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | libreswan |
Reserved | 2024-04-11 |
Published | 2024-04-11 |
Updated | 2024-10-29 |
The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without specifying an esp= line. When the peer requests AES-GMAC, libreswan's default proposal handler causes an assertion failure and crashes and restarts. IKEv2 connections are not affected.
2024-03-24: | Issue reported publicly by github user X1AOxiang via https://github.com/libreswan/libreswan/issues/1665 |
2024-03-27: | Fix published in commit 03caa63de1e3 (as issue was already public via githb issue) |
2024-04-10: | Advanced notice given to support customers and distributions |
2024-04-12: | CVE-2024-3652 published |
github user X1AOxiang
https://libreswan.org/security/CVE-2024-3652 (CVE-2024-3652)
http://www.openwall.com/lists/oss-security/2024/04/18/2